[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Hashed passwords in userpassword

To: Michael Ströder <michael.stroeder@inka.de>
Subject: Re: Hashed passwords in userpassword
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sat, 25 Sep 1999 11:53:19 -0700
Cc: openldap-general@OpenLDAP.org
In-reply-to: <37ED12E3.870E8335@inka.de>

At 08:22 PM 9/25/99 +0200, Michael Ströder wrote:
>Actually I'm integrating support for setting/modifying encrypted/hashed
>passwords in my WWW-LDAP-gateway.
>
>This works fine with using crypt, e.g.
>
>userpassword: {CRYPT}.5X.al91HG.WI
>
>But what's the scheme for using MD5 or SHA-1 hashed passwords?

The basic scheme is described by RFC2307.  This Netscape technote
provides additional details for SHA and SSHA schemes:

 http://developer.netscape.com:80/docs/technote/ldap/pass_sha.html

(md5 and smd5 are encoded similiarly).

>Is there already support for hashed passwords in OpenLDAP?

Yes.  OpenLDAP 1.2 supports authentication against userPassword
schemes:
  crypt, md5, smd5, sha and sha1.

OpenLDAP 1.2 uses client-side hash generation.  See ldappasswd(1).

Kurt

References:
- Hashed passwords in userpassword
  - From: Michael Ströder <michael.stroeder@inka.de>

Prev by Date: Re: Hashed passwords in userpassword
Next by Date: Re: Hashed passwords in userpassword
Index(es):
- Chronological
- Thread